www.republicrefund.com Open in urlscan Pro
216.26.182.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://republicrefund.com/
Effective URL:
https://www.republicrefund.com/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2022, 2:17:10 pm UTC) — Scanned from DE

Summary HTTP 40 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 40 HTTP transactions. The main IP is 216.26.182.11, located in Carrollton, United States and belongs to RBCORP, US. The main domain is www.republicrefund.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 19th 2020. Valid for: 2 years.

This is the only time www.republicrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	216.26.182.11 216.26.182.11	36333 (RBCORP) (RBCORP)
3	2a00:1450:400... 2a00:1450:400a:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
40	4

30 216.26.182.11 (Carrollton, United States) 1 redirects

ASN36333 (RBCORP, US)
PTR: host11.182.iskywire.net

republicrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.republicrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400a:800::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	republicrefund.com 1 redirects republicrefund.com www.republicrefund.com	2 MB
6	gstatic.com fonts.gstatic.com	210 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 334	17 KB
40	4

	Domain	Requested by
29	www.republicrefund.com	www.republicrefund.com
6	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.republicrefund.com
2	ssl.google-analytics.com	www.republicrefund.com
1	republicrefund.com	1 redirects
40	5

This site contains links to these domains. Also see Links.

Domain
enrollment.republicrefund.com
www.republictaxpayer.com
www.republicverify.com
republicverify.com
www.irs.gov
www.republicbank.com
www.fdic.gov

Subject Issuer	Validity	Valid
*.republicrefund.com Go Daddy Secure Certificate Authority - G2	`2020-08-19` - `2022-09-10`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.republicrefund.com/
Frame ID: 9228F17FE4FBC6ED6EE99968D0BE9657
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Refund Solutions - Republic Bank

Page URL History Show full URLs

https://republicrefund.com/ HTTP 302
https://www.republicrefund.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

40
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1880 kB
Transfer

1922 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://enrollment.republicrefund.com/
Title: Enroll

Search URL Search Domain Scan URL

URL: http://www.republictaxpayer.com/
Title: Republic Taxpayer

Search URL Search Domain Scan URL

URL: http://www.republicverify.com/
Title: Republic Verify

Search URL Search Domain Scan URL

URL: https://www.republictaxpayer.com/
Title: Taxpayer

Search URL Search Domain Scan URL

URL: https://republicverify.com/
Title: Check Verification

Search URL Search Domain Scan URL

URL: http://www.irs.gov/
Title: IRS.gov

Search URL Search Domain Scan URL

URL: https://www.republicbank.com/home/fiFiles/static/documents/ccpa.pdf
Title: CA Disclosures & Privacy

Search URL Search Domain Scan URL

URL: http://www.fdic.gov/
Title: Member FDIC

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://republicrefund.com/ HTTP 302
https://www.republicrefund.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.republicrefund.com/
Redirect Chain

https://republicrefund.com/
https://www.republicrefund.com/

55 KB
56 KB

552ms
165ms

Document
text/html

216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0 ASP.NET
Resource Hash: 80c2a59f46ad8800636d064429d746b9a8a79ca11f681801dab02ed889dcaba1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 56784
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Aug 2022 14:17:02 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0 ASP.NET

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.republicrefund.com/
Server: BigIP

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1018 B 103ms
43ms Stylesheet
text/css 2a00:1450:400a:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Istok+Web:400,700

Requested by

Host: www.republicrefund.com
URL: https://www.republicrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d6e221886fe0c054194639a814132b0bb4f3d7f6d39fe3e3afec48b84c30992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 13:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 14:17:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 14:17:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 106ms
46ms Stylesheet
text/css 2a00:1450:400a:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: www.republicrefund.com
URL: https://www.republicrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de4952e81047b4a4e4eb402d081593b49db0f4cd5bc66e13a163538a0f6709a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:17:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 14:17:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 14:17:02 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 104ms
43ms Stylesheet
text/css 2a00:1450:400a:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.republicrefund.com
URL: https://www.republicrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:17:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 14:17:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 14:17:02 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.republicrefund.com/css/ 118 KB
119 KB 347ms
121ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/bootstrap.min.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "954a39bce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 121205

GET
H/1.1 200
OK flexslider.css
www.republicrefund.com/css/ 4 KB
4 KB 346ms
119ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/flexslider.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 22d48702fa1726a0a2e9e490986ee131b369322f9b8af448a7236c04268d3c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "b9fb49bce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3658

GET
H/1.1 200
OK jquery-ui.min.css
www.republicrefund.com/css/ 30 KB
31 KB 349ms
119ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/jquery-ui.min.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: a1fc77b82dec801c5096e5a5e0cd12750f053fd6791e9027e7d79722956de6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "315e4cbce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 31000

GET
H/1.1 200
OK jquery-ui.theme.min.css
www.republicrefund.com/css/ 14 KB
14 KB 355ms
120ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/jquery-ui.theme.min.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: df797630e47e7f91167767731e7edff4fd00a6eceb2d5406515b1f3b02c6f155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "ef2251bce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 13843

GET
H/1.1 200
OK republic.css
www.republicrefund.com/css/ 90 KB
90 KB 357ms
123ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/republic.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: d65845903fa8439eab1cf5f21f29a9ca8c5aeccae43e55311f4732d7eb3776f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "77715fbce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 92140

GET
H/1.1 200
OK ero_login.js Show response
www.republicrefund.com/scripts/ 360 B
657 B 372ms
126ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/ero_login.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 83c599a68611313b6ededfb53a2a19a3640c755b89117341bcc98b328cfcf0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "bede73fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 360

GET
H/1.1 200
OK external.js Show response
www.republicrefund.com/scripts/ 1 KB
2 KB 463ms
117ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/external.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 654ecc4c5d18d6bb3131f0b315ac43c7c0ac82f7ead17b1d7f741b9c3de858db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "148879fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1405

GET
H/1.1 200
OK verify.js Show response
www.republicrefund.com/scripts/ 455 B
752 B 496ms
124ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/verify.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: fae5eff8cba6c11d1e3b8ea0380e6197eb2655885a74f5aabcb6be9336fb72fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "ac5fb0fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 455

GET
H/1.1 200
OK popup.js Show response
www.republicrefund.com/scripts/ 2 KB
3 KB 578ms
117ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/popup.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 2494fe33eaab077a3ec31e982eb619fd099c06feda3a390fc669eca96584fc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "cfae9ffce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2416

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
www.republicrefund.com/scripts/ 85 KB
85 KB 588ms
124ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/jquery-3.1.1.min.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "819b8cfce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 86713

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.republicrefund.com/scripts/ 248 KB
248 KB 579ms
115ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/jquery-ui.min.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 37904cc0af1aeb351c1879414bcd1fce855dda4a381f2c0631653fa3442c406c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "afc293fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 253680

GET
H/1.1 200
OK flexslider.js Show response
www.republicrefund.com/scripts/ 64 KB
64 KB 586ms
119ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/flexslider.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 721d6e73ffee86eadb5863f7e2a843d1eab44a5cfc519043057e04c5def5e389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "71ea7bfce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 65540

GET
H/1.1 200
OK bootstrap.min.js Show response
www.republicrefund.com/scripts/ 36 KB
36 KB 621ms
125ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/bootstrap.min.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "a7c71fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 37051

GET
H/1.1 200
OK TRS%20Logo%20Navy%20no%20web.png
www.republicrefund.com/images/ 164 KB
164 KB 125ms
125ms Image
image/png 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/TRS%20Logo%20Navy%20no%20web.png
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: ba532fc8fa32a526d354b79122154343bb2c985f4ab09a5c8048d1d7ccd4036a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:51 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "81918fce89d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 167527

GET
H/1.1 200
OK TRS%20Logo%20white%20no%20web.png
www.republicrefund.com/images/ 51 KB
51 KB 133ms
132ms Image
image/png 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/TRS%20Logo%20white%20no%20web.png
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 71b9fbd6412e0fc46f3655cb0be72f10a9ccfa9d4ea159d66b15ba5699ad9cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:51 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "e92e6fce89d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 52406

GET
H/1.1 200
OK WebResource.axd Show response
www.republicrefund.com/ 23 KB
23 KB 125ms
124ms Script
application/x-javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/WebResource.axd?d=_bl2jlJY_FmsSOhHu2QRSIc4jkdt29KNvnRqzkHPHFJO0k-qqdJ52bbpFaYR8BZ94J3ipcS1wAz49IkagwUAi1EgYz81&t=637814473746327080
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 23063
Expires: Tue, 29 Aug 2023 12:52:40 GMT

GET
H/1.1 200
OK web_support_icon_sm_mainpage.png
www.republicrefund.com/images/icons/ 3 KB
3 KB 137ms
133ms Image
image/png 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/icons/web_support_icon_sm_mainpage.png
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: caf25411b02439c80d85c0be567d7b4b3c958eb51004552d45fd6ae74a9e9982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:59 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "e15b9713ce89d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2753

GET
H/1.1 200
OK trs_work%20directly%20with%20bank.jpg
www.republicrefund.com/images/icons/ 3 KB
3 KB 139ms
135ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/icons/trs_work%20directly%20with%20bank.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: affe238ec2ed7764347851f444a35bc24813d807587b964ea98d79569486dafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:59 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "be837f13ce89d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2998

GET
H/1.1 200
OK productsIcon.png
www.republicrefund.com/images/icons/ 2 KB
2 KB 138ms
134ms Image
image/png 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/icons/productsIcon.png
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 4dfe44b189e9e042283066ea427af5b9f8e8e928819e931d0ebaa640eab616cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:58 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "715d1b13ce89d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2031

GET
H/1.1 200
OK software%20purchaseIcon.png
www.republicrefund.com/images/icons/ 2 KB
2 KB 127ms
127ms Image
image/png 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/icons/software%20purchaseIcon.png
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 4f4ff0ded4b9ac426a3cc1ab595cdb4d25538fa05640014010c2b18431661961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:58 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "12e74313ce89d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1628

GET
H/1.1 200
OK BenefitsMainTile.jpg
www.republicrefund.com/images/CMSIMages/ 77 KB
78 KB 146ms
136ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/CMSIMages/BenefitsMainTile.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: d549c270a2ffef0e4acf265b895ff1344de3e47cbd9549ebf22d40e37325c54d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Fri, 27 May 2022 17:16:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "48b38b8bed71d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 79204

GET
H/1.1 200
OK preACKEAMainTile.jpg
www.republicrefund.com/images/CMSImages/ 31 KB
31 KB 144ms
134ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/CMSImages/preACKEAMainTile.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: f1113e80cd73f23930f6f6185667f6d15c70433c04798f8b2f67c3554a2e6623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Fri, 27 May 2022 17:16:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "21659c8bed71d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 31595

GET
H/1.1 200
OK NetspendVisaCardMainTile.jpg
www.republicrefund.com/images/CMSImages/ 40 KB
40 KB 129ms
124ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/CMSImages/NetspendVisaCardMainTile.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: eb10a002f151abd2f430d0c8d1111911ebe464ebbef1fff670ce31c2fbf7e0a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Fri, 27 May 2022 17:16:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "68a0978bed71d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 41073

GET
H/1.1 200
OK CashFlowMainTile.jpg
www.republicrefund.com/images/CMSImages/ 86 KB
86 KB 159ms
131ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/CMSImages/CashFlowMainTile.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 9e99b454e3a0513ca4dda95dd1f87c06ab99bd891ba852a26ac6fb634edd7989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Fri, 27 May 2022 17:16:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "9bdb928bed71d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 87989

GET
H/1.1 200
OK bankBuilding.jpg
www.republicrefund.com/images/CMSImages/ 49 KB
50 KB 129ms
125ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/CMSImages/bankBuilding.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: dacd0019493fbc2e4238bef03e87babf6a2fb3e4042399b9b59a89a13d4a513d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Fri, 27 May 2022 17:16:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "7bee868bed71d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 50686

GET
H/1.1 200
OK expandable.js Show response
www.republicrefund.com/scripts/ 1 KB
1 KB 125ms
125ms Script
application/javascript 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/scripts/expandable.js
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 3549408e9b373d04a220a6fdcd8eb2d1854805a7b2c08194788e48fe5429d399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "292577fce89d81:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1166

GET
H/1.1 200
OK reset.css
www.republicrefund.com/css/ 1 KB
1 KB 118ms
118ms Stylesheet
text/css 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to

Full URL: https://www.republicrefund.com/css/reset.css
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/css/republic.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: a00540e3c270adb8fb74ca865731c8b6e1c0a8c5deef334181a64e608ba19525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/css/republic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:02 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "7ee755bce89d81:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1156

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 64ms
12ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.republicrefund.com
URL: https://www.republicrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5170
date: Tue, 30 Aug 2022 12:50:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 30 Aug 2022 14:50:53 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 74ms
29ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 20:32:16 GMT
x-content-type-options: nosniff
age: 409487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 20:32:16 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 134ms
89ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:04:56 GMT
x-content-type-options: nosniff
age: 83527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 15:04:56 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 141ms
96ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:27:13 GMT
x-content-type-options: nosniff
age: 89390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16920
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 13:27:13 GMT

GET
H/1.1 200
OK mainpage-title-image-blank.jpg
www.republicrefund.com/images/ 361 KB
361 KB 142ms
124ms Image
image/jpeg 216.26.182.11
RBCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.republicrefund.com/images/mainpage-title-image-blank.jpg
Requested by: Host: www.republicrefund.com
URL: https://www.republicrefund.com/css/republic.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.26.182.11 Carrollton, United States, ASN36333 (RBCORP, US),
Reverse DNS: host11.182.iskywire.net
Software: Microsoft-IIS/10.0 / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash: 2de5781325541a90df23a33872d28816c08d421b0471c3f04a0f95667de64964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/css/republic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 30 Aug 2022 14:17:03 GMT
Last-Modified: Mon, 27 Jun 2022 02:31:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: UrlRewriter.NET 2.0.0, ASP.NET
ETag: "ca5af6dce89d81:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 369623

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 62ms
53ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:47:36 GMT
x-content-type-options: nosniff
age: 538167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:47:36 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:45:06 GMT
x-content-type-options: nosniff
age: 538317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:45:06 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 72ms
28ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=798101008&utmhn=www.republicrefund.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tax%20Refund%20Solutions%20-%20Republic%20Bank&utmhid=382791892&utmr=-&utmp=%2F&utmht=1661869023679&utmac=UA-31649232-1&utmcc=__utma%3D36073763.1555486607.1661869024.1661869024.1661869024.1%3B%2B__utmz%3D36073763.1661869024.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=824479464&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.republicrefund.com
URL: https://www.republicrefund.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.republicrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 14:17:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 29ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe01MImSLYBIv1o4X1M8cce4G3JoY1MIUg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.republicrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:48:23 GMT
x-content-type-options: nosniff
age: 538120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17676
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:48:23 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.republicrefund.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0nkkq0zn0jblz5ntl01i0aat
.republicrefund.com/	1970-01-20 15:13:49	Name: __utma Value: 36073763.1555486607.1661869024.1661869024.1661869024.1
.republicrefund.com/	1969-12-31 23:59:59	Name: __utmc Value: 36073763
.republicrefund.com/	1970-01-20 10:00:37	Name: __utmz Value: 36073763.1661869024.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.republicrefund.com/	1970-01-20 05:37:49	Name: __utmt Value: 1
.republicrefund.com/	1970-01-20 05:37:50	Name: __utmb Value: 36073763.1.10.1661869024

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
republicrefund.com
ssl.google-analytics.com
www.republicrefund.com
216.26.182.11
2a00:1450:4001:801::2003
2a00:1450:4001:82a::2008
2a00:1450:400a:800::200a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
22d48702fa1726a0a2e9e490986ee131b369322f9b8af448a7236c04268d3c7d
2494fe33eaab077a3ec31e982eb619fd099c06feda3a390fc669eca96584fc02
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2de5781325541a90df23a33872d28816c08d421b0471c3f04a0f95667de64964
3549408e9b373d04a220a6fdcd8eb2d1854805a7b2c08194788e48fe5429d399
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
37904cc0af1aeb351c1879414bcd1fce855dda4a381f2c0631653fa3442c406c
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4dfe44b189e9e042283066ea427af5b9f8e8e928819e931d0ebaa640eab616cf
4f4ff0ded4b9ac426a3cc1ab595cdb4d25538fa05640014010c2b18431661961
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5d6e221886fe0c054194639a814132b0bb4f3d7f6d39fe3e3afec48b84c30992
654ecc4c5d18d6bb3131f0b315ac43c7c0ac82f7ead17b1d7f741b9c3de858db
71b9fbd6412e0fc46f3655cb0be72f10a9ccfa9d4ea159d66b15ba5699ad9cbc
721d6e73ffee86eadb5863f7e2a843d1eab44a5cfc519043057e04c5def5e389
80c2a59f46ad8800636d064429d746b9a8a79ca11f681801dab02ed889dcaba1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c599a68611313b6ededfb53a2a19a3640c755b89117341bcc98b328cfcf0a6
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9e99b454e3a0513ca4dda95dd1f87c06ab99bd891ba852a26ac6fb634edd7989
a00540e3c270adb8fb74ca865731c8b6e1c0a8c5deef334181a64e608ba19525
a1fc77b82dec801c5096e5a5e0cd12750f053fd6791e9027e7d79722956de6da
affe238ec2ed7764347851f444a35bc24813d807587b964ea98d79569486dafc
ba532fc8fa32a526d354b79122154343bb2c985f4ab09a5c8048d1d7ccd4036a
bf22fea881f28a602afbd158f8c9d06a8bcc84e17b9b6dd9a3224992cce2a9e2
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
caf25411b02439c80d85c0be567d7b4b3c958eb51004552d45fd6ae74a9e9982
d549c270a2ffef0e4acf265b895ff1344de3e47cbd9549ebf22d40e37325c54d
d65845903fa8439eab1cf5f21f29a9ca8c5aeccae43e55311f4732d7eb3776f9
dacd0019493fbc2e4238bef03e87babf6a2fb3e4042399b9b59a89a13d4a513d
de4952e81047b4a4e4eb402d081593b49db0f4cd5bc66e13a163538a0f6709a4
df797630e47e7f91167767731e7edff4fd00a6eceb2d5406515b1f3b02c6f155
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
eb10a002f151abd2f430d0c8d1111911ebe464ebbef1fff670ce31c2fbf7e0a8
f1113e80cd73f23930f6f6185667f6d15c70433c04798f8b2f67c3554a2e6623
fae5eff8cba6c11d1e3b8ea0380e6197eb2655885a74f5aabcb6be9336fb72fb

www.republicrefund.com Open in urlscan Pro 216.26.182.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

1880 kBTransfer

1922 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.republicrefund.com Open in urlscan Pro
216.26.182.11 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1880 kB
Transfer

1922 kB
Size

6
Cookies

40 HTTP transactions
0 data transactions